Oliver Kurth [Fri, 26 Oct 2018 17:44:55 +0000 (10:44 -0700)]
Remove vmxnet and vmxnet3 drivers from FreeBSD builds and open-vm-tools
The vmxnet (version 1) network driver is not supported by any currently
supported VMware virtualization platform. Removing the FreeBSD
specific vmxnet source and deleting the vmxnet.ko driver build from
the tools and the open-vm-tools builds.
FreeBSD has their own vmxnet3 network driver based on community source
and has never made use of the vmxnet3 source code or drivers from
VMware. Removing the unneeded FreeBSD vmxnet3 source and builds
Oliver Kurth [Fri, 5 Oct 2018 20:55:27 +0000 (13:55 -0700)]
Optional override for short and long OS names sent from Tools
Added support for customers to override the returned long and short OS
names through the tools config file. If the setting is present, then names
gathered by hostinfo will be ignored. The user is responsible for setting
the appropriate names.
The override will be ignored if the short-name setting is not present in
tools.conf.
An empty string will be sent for the long OS name if only the short-name
setting is present.
Appropriate warning msg will be generated in both cases.
Example of the conf setting:
[guestosinfo]
short-name = centos6-64
long-name = some long name
Oliver Kurth [Mon, 17 Sep 2018 23:41:19 +0000 (16:41 -0700)]
Hgfs Server Linux: fix the share permissions on a file rename or delete
Coverity found that the arguments to obtain the share permissions
on a file rename were swapped. Even though they are tested together
in an if statement which is not an issue, it could be in the future.
Reverse arguments so the share read and write permissions are correct.
Oliver Kurth [Mon, 17 Sep 2018 23:41:18 +0000 (16:41 -0700)]
Handle Linux kernel /proc FS uint32 type stat overflow when calculating
tools rate stats.
On both 32-bit and 64-bit Linux, tools always parses Linux kernel /proc
FS stats as uint64 values. For rate stats, current - previous can handle
uint64 type stat overflow, but not uint32 type.
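The wraparound case described in the commit message above, as an added example; it is not code from open-vm-tools. The function names and the rule used to recognise a 32-bit wrap (the previous sample still fit in 32 bits) are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Naive delta: correct across a 64-bit wrap, wrong across a 32-bit wrap. */
uint64_t
naive_delta(uint64_t prev, uint64_t curr)
{
   return curr - prev;   /* unsigned arithmetic, modulo 2^64 */
}

/*
 * Heuristic (an assumption of this example): a counter that went backwards
 * while the previous sample still fit in 32 bits is taken to be a 32-bit
 * kernel counter that wrapped.
 */
bool
looks_like_wrap32(uint64_t prev, uint64_t curr)
{
   return curr < prev && prev <= UINT32_MAX;
}

/* Delta between two samples of a monotonically increasing counter. */
uint64_t
stat_delta(uint64_t prev, uint64_t curr)
{
   if (looks_like_wrap32(prev, curr)) {
      /* Redo the subtraction modulo 2^32 instead of 2^64. */
      return (uint32_t)((uint32_t)curr - (uint32_t)prev);
   }
   return curr - prev;
}

/* Per-second rate over an interval; 0 when the interval is unusable. */
double
stat_rate(uint64_t prev, uint64_t curr, double seconds)
{
   return seconds > 0.0 ? (double)stat_delta(prev, curr) / seconds : 0.0;
}
```

A counter that is reset to zero rather than wrapped looks the same to this heuristic, so a consumer of the rate should still treat a single implausibly large sample with suspicion.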
Oliver Kurth [Mon, 17 Sep 2018 23:41:18 +0000 (16:41 -0700)]
Allow only a single instance of vmusr when multiple users are logged into a VM
When a vmusr process gets the "channel conflict" error while attempting
to open the toolbox-dnd channel, a channel reset is triggered. That
reset results in the channel being restarted and a subsequent conflict
and reset occurs - every second until the channel becomes available.
For *nix guests:
The fix is making use of the repetitive channel resets where the only
RpcIn message received is a "reset" to catch this channel "permanently"
unavailable state. If other RpcIn messages are received, a channel
is considered to be working and the cumulative error count is cleared.
lib/rpcin/rpcin.c:
  - struct RpcIn: Added error status boolean and callback function to
    notify the dependent layer that a channel error has been
    resolved.
  - RpcInLoop(): If a non "reset" message is received, clear any channel
    error status. This will also notify the dependent layer
    that the channel is functioning.
  - RpcIn_start(): Added additional argument for new callback; NULL if
    not needed.
lib/rpcChannel/rpcChannel.c:
  - struct rpcChannelInt:
    - Renamed "rpcErrorCount" to "rpcResetErrorCount" since it is actually
      a count of the consecutive channel reset failures and not a count
      of RpcChannel errors.
    - Added counter "rpcFailureCount" for the cumulative channel errors.
    - Added "rpcFailureCb" for optional callback to notify the app of a
      "permanent" channel failure.
  - New function RpcChannelClearError() for RpcIn to notify when the
    channel is working; to clear the rpcFailureCount.
  - RpcChannel_Setup() - added two arguments for (1) an optional function
    to be called when there is a channel failure
    and (2) a failure count threshold.
    These optional values are stored in the
    RpcChannel structure being created.
  - RpcChannelError(): Added logic to notify the calling app if the error
    threshold has been reached and notify the app if a
    callback was provided. A zero threshold signifies
    the single vmusr limit should not be enforced.
    (fix disable switch).
services/vmtoolsd/mainLoop.c:
  - New function ToolsCore_GetVmusrLimit() to retrieve the channel error
    threshold default or over-ride from tools.conf.
services/vmtoolsd/toolsRpc.c:
  - Added ToolsCoreAppChannelFail(): Callback for "permanent" channel
    connection failure. A warning is logged based on whether another
    "vmtoolsd -n vmusr" is running or not and the process is terminated.
    On Mac OS, the process is terminated with exit(1) as an indication
    to launchd that the vmusr process should not automatically be
    restarted.
The current implementation uses the error callback only for the vmusr
server on Linux (*nix).
The default channel error limit is 5 (approx. 5 seconds), but is user
configurable in tools.conf.
[vmusr]
maxChannelAttempts = n # where allowed n = 0, 3-15
When "maxChannelAttempts = 0" is used, the restriction to a single
running vmusr process is not enforced. The existing behavior is
restored with all the accompanying VMX log spew. This is essentially
a user configurable feature disablement switch.
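The failure counting described in the commit message above, as an added example; it is not the RpcChannel code. The type and function names, the "ping" message, the event traces and the fallback to the default for a value outside 0 or 3-15 are assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define DEFAULT_LIMIT 5u   /* default limit stated in the commit message */
#define LEN(a) (sizeof(a) / sizeof((a)[0]))

typedef struct {
   unsigned failures;   /* channel errors since the last non-"reset" message */
   unsigned limit;      /* 0 disables enforcement */
   bool failed;         /* set once the "permanent" failure is reported */
} Chan;

/* tools.conf allows 0 or 3-15; using the default for anything else is an
 * assumption of this example. */
unsigned
limit_from_conf(int n)
{
   return (n == 0 || (n >= 3 && n <= 15)) ? (unsigned)n : DEFAULT_LIMIT;
}

/* A failed channel open: count it and report once the limit is reached. */
static void
on_error(Chan *c)
{
   c->failures++;
   if (c->limit != 0 && c->failures >= c->limit) {
      c->failed = true;   /* stands in for invoking the failure callback */
   }
}

/* Any message other than "reset" shows that the channel is working. */
static void
on_message(Chan *c, const char *msg)
{
   if (strcmp(msg, "reset") != 0) {
      c->failures = 0;
   }
}

/* Replay a trace; return the index at which failure is reported, or -1. */
int
replay(int confValue, const char *const *ev, size_t n)
{
   Chan c = { 0, limit_from_conf(confValue), false };
   for (size_t i = 0; i < n; i++) {
      if (strcmp(ev[i], "error") == 0) {
         on_error(&c);
      } else {
         on_message(&c, ev[i]);
      }
      if (c.failed) {
         return (int)i;
      }
   }
   return -1;
}

/* Constructed traces: a second vmusr that never gets the channel, and one
 * where a real message ("ping", hypothetical) arrives in between. */
const char *const CONFLICT[] = { "error", "reset", "error", "reset", "error",
                                 "reset", "error", "reset", "error", "reset" };
const char *const RECOVERS[] = { "error", "reset", "error", "reset", "ping",
                                 "error", "reset", "error", "reset", "error",
                                 "reset" };
```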
Oliver Kurth [Mon, 17 Sep 2018 23:41:17 +0000 (16:41 -0700)]
Changes to common header files not directly applicable to open-vm-tools
VGAuth Windows: fix file properties product version and file version
Product name of the VGAuth binaries are set to VMware Workstation and
the Product version set to experimental (e.x.p).
Experimental version has the e.x.p build number in the Product Version
field of each of the shipped binaries. Now that we are WHQL signing a DLL too
for security it does make sense for the feature to use an official version.
This changes the Product name and version fields from
Product name -> VMware Workstation
Product version -> e.x.p build-4013326
to
Product name -> VMware Guest Authentication
Product version -> 1.0.0 build-4013326
Oliver Kurth [Fri, 7 Sep 2018 22:53:28 +0000 (15:53 -0700)]
Remove vmxnet and vmxnet3 drivers from FreeBSD builds and open-vm-tools
The vmxnet (version 1) network driver is not supported by any currently
supported VMware virtualization platform. Removing the FreeBSD
specific vmxnet source and deleting the vmxnet.ko driver build from
the tools and the open-vm-tools builds.
FreeBSD has their own vmxnet3 network driver based on community source
and has never made use of the vmxnet3 source code or drivers from
VMware. Removing the unneeded FreeBSD vmxnet3 source and builds
Oliver Kurth [Fri, 7 Sep 2018 22:53:27 +0000 (15:53 -0700)]
Update SSL configuration with more secure settings.
Due to SSL issues in the past, the preference is to have default
settings to be more secure than compatible. This change mainly
inherits the default settings from ssl.c.
Oliver Kurth [Fri, 7 Sep 2018 22:53:27 +0000 (15:53 -0700)]
Fix a gcc-8 compiler warning in lib/misc/vthreadBase.c
gcc-8 generates a stringop-truncation warning when it's possible
for strncpy to exclude the trailing nul. The code was fine, we never
touch the last byte in the buffer and it's a static, but explicitly
set a nul at the end of the buffer so gcc sees it.
This is needed for open-vm-tools to build on SUSE Tumbleweed.
Oliver Kurth [Fri, 7 Sep 2018 22:53:27 +0000 (15:53 -0700)]
Reduce quiesced snapshot warning messages when running on older hosts.
vSphere 6.7 added a new interface on the host side that allows tools
to send a "generic" backup manifest during a quiesced snapshot on
Linux guests. VMTools 10.2.0 or later will try to send the manifest
file and if the host is unable to field it, then VMTools logs this
information and continues with the quiesced snapshot in the older
fashion. This change reduces the logging that is done in this case.
Oliver Kurth [Fri, 7 Sep 2018 22:53:27 +0000 (15:53 -0700)]
Common source file change not directly applicable to open-vm-tools
Verify existence of the returned path, retry the guest OP
CreateTemporaryFileInGuest/CreateTemporaryDirectoryInGuest using system
temp folder if the path disappears.
Oliver Kurth [Fri, 7 Sep 2018 22:53:26 +0000 (15:53 -0700)]
Disable hgfsServer plugin when not running in a VMware VM.
VmCheck_GetVersion() accesses Backdoor in an unsafe manner
which is not expected to work on non-VMware environments
including physical machines. So, we need to make sure that
VmCheck_GetVersion() is called only when we are running in
a VMware VM.
Linux:
guest.mem.total (/proc/meminfo#MemTotal)
guest.mem.buffers (/proc/meminfo#Buffers)
guest.mem.cached (/proc/meminfo#Cached)
guest.mem.slabReclaim (/proc/meminfo#SReclaimable)
guest.mem.available (/proc/meminfo#MemAvailable since Linux 3.14, emulated by VMTools for kernels 2.6.27+)
Oliver Kurth [Tue, 4 Sep 2018 22:40:59 +0000 (15:40 -0700)]
Update SSL configuration with more secure settings.
Due to SSL issues in the past, the preference is to have default
settings to be more secure than compatible. This change mainly
inherits the default settings from ssl.c.
Oliver Kurth [Tue, 4 Sep 2018 22:40:59 +0000 (15:40 -0700)]
Reduce quiesced snapshot warning messages when running on older hosts.
vSphere 6.7 added a new interface on the host side that allows tools
to send a "generic" backup manifest during a quiesced snapshot on
Linux guests. VMTools 10.2.0 or later will try to send the manifest
file and if the host is unable to field it, then VMTools logs this
information and continues with the quiesced snapshot in the older
fashion. This change reduces the logging that is done in this case.
Oliver Kurth [Tue, 4 Sep 2018 22:40:59 +0000 (15:40 -0700)]
Add some key VMX debug messages
Add some key debug-to-vmx messages to help debug SAML tokens.
Fix a potential issue in the logging code.
Always use a local version of htonll() since Visual Studio has
changed its mind about its existence in vs2017.
Oliver Kurth [Tue, 4 Sep 2018 22:40:58 +0000 (15:40 -0700)]
Fix a gcc-8 compiler warning in lib/misc/vthreadBase.c
gcc-8 generates a stringop-truncation warning when it's possible
for strncpy to exclude the trailing nul. The code was fine, we never
touch the last byte in the buffer and it's a static, but explicitly
set a nul at the end of the buffer so gcc sees it.
This is needed for open-vm-tools to build on SUSE Tumbleweed.
Oliver Kurth [Tue, 4 Sep 2018 22:40:58 +0000 (15:40 -0700)]
End VGAuth impersonation in the case of error.
* In GuestAuthPasswordAuthenticateImpersonate():
When VGAuth_UserHandleAccessToken fails, unimpersonation is not
being done. This can cause issues. Fixed it.
* In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues:
The 'newHandle' is not being freed which causes a memory leak.
When VGAuth_UserHandleAccessToken fails, unimpersonation is not
being done.
Oliver Kurth [Tue, 4 Sep 2018 22:40:57 +0000 (15:40 -0700)]
Tools: More cleanup
Remove references to VMDB.
Cleaned up some headers - they are all the same now
NIC, not nic in messages
RPC, not rpc in messages
OS, not os in messages
Added a few debugging messages for the new, structure data paths
Oliver Kurth [Wed, 29 Aug 2018 20:51:55 +0000 (13:51 -0700)]
Workaround for false negative result when detecting cloud-init existence
"cloud-init -v" cmd is used to detect if cloud-init is properly configured and
it works on most Linux distros. However, in some Linux distros like Amazon Linux 2,
"cloud-init -v" will print result to stderr instead of stdout and it makes
"forkExecAndWaitCommand" give false negative result.
1. added a new bool switch in "ForkExecAndWaitCommand" to choose
if we should ignore the stderr output when the return code is 0
2. removed unnecessary reference for "ForkExecAndWaitCommand" in linuxDeploymentUtilities.c
3. trivial change for some formatting
Oliver Kurth [Wed, 29 Aug 2018 20:29:45 +0000 (13:29 -0700)]
Fix memory leaks in 'vix' tools plugin.
* vix plugin retrieves the power script file paths from the
config file but doesn't free them and this causes a memory leak.
Fixed the code to free the filepaths.
* In GuestAuthPasswordAuthenticateImpersonate function, the VGAuth
handle is not freed when the impersonation fails. Fixed the
code to call VGAuth_UserHandleFree in the error path.
Note: I executed one guest operation with wrong credentials.
Every failure leaks 75 bytes of memory. (in Centos 64-bit VM)
* Fixed another minor issue in the code. At a couple of places in
the code, replaced 'err' with 'vgErr' for storing the return value
of VGAuth_UserHandleAccessToken.
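The error-path problem named in this commit message and in "End VGAuth impersonation in the case of error" above, shown as a before/after pair in an added example; it is not the vix plugin code. Every mock_* function and the Handle type are hypothetical stand-ins, not the VGAuth API.

```c
#include <stdbool.h>
#include <stddef.h>

/* Mock state standing in for the auth library (hypothetical, not VGAuth). */
typedef struct { int id; } Handle;
static Handle g_handle;
static int  g_liveHandles;    /* handles handed out and not yet freed */
static bool g_impersonating;  /* thread currently runs as the guest user */
static bool g_tokenFails;     /* make the access-token step fail */

static Handle *mock_validate(void) { g_liveHandles++; return &g_handle; }
static void mock_free(Handle *h) { if (h != NULL) { g_liveHandles--; } }
static bool mock_impersonate(Handle *h) { (void)h; g_impersonating = true; return true; }
static void mock_end_impersonation(void) { g_impersonating = false; }
static bool mock_access_token(Handle *h, int *tok)
{
   (void)h;
   if (g_tokenFails) { return false; }
   *tok = 42;
   return true;
}

/* Before: the token failure returns early, skipping both cleanups. */
bool
auth_before(int *tok)
{
   Handle *h = mock_validate();
   if (!mock_impersonate(h)) { mock_free(h); return false; }
   if (!mock_access_token(h, tok)) {
      return false;   /* bug: still impersonating, handle never freed */
   }
   mock_free(h);
   return true;       /* success: the caller ends impersonation later */
}

/* After: one exit point frees the handle and undoes impersonation on error. */
bool
auth_after(int *tok)
{
   bool impersonated = false, ok = false;
   Handle *h = mock_validate();
   if (!mock_impersonate(h)) { goto done; }
   impersonated = true;
   if (!mock_access_token(h, tok)) { goto done; }
   ok = true;
done:
   if (!ok && impersonated) { mock_end_impersonation(); }
   mock_free(h);
   return ok;
}

/* What one call leaves behind. Bit 0: still impersonating; bit 1: leak. */
int
residue(bool fixed, bool tokenFails)
{
   int tok = 0;
   g_liveHandles = 0; g_impersonating = false; g_tokenFails = tokenFails;
   (void)(fixed ? auth_after(&tok) : auth_before(&tok));
   return (g_impersonating ? 1 : 0) | (g_liveHandles > 0 ? 2 : 0);
}
```

On success both versions return with impersonation still active, because ending it is the caller's job once the guest operation has run; only the failure path differs.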
Oliver Kurth [Wed, 29 Aug 2018 20:29:45 +0000 (13:29 -0700)]
open-vm-tools: build without libdnet by default
Building with libdnet does not add any value for Linux, so build
without it by default, but keep the option open to fall back on
it if there are issues.
FreeBSD still needs libdnet for full functionality, therefore
make building without it the default only for Linux.
Oliver Kurth [Wed, 29 Aug 2018 20:29:45 +0000 (13:29 -0700)]
Adding structured data to Tools. (feature DISABLED)
This change touches both vmware-tools and the VMX.
Tools:
Added new rpc for sending structured data. The structured data is
composed of 2 parts. A struct header and a well formatted property list
string called structured string.
The structured string is built by appending key='value' pairs
separated by ' '. This string will include any extra information
regarding the guest that is applicable to the VMX and higher up.
The structured string will not include any '"' characters and all '\\'
and '\'' characters are escaped. The fields included in the structured
string will vary depending on the guest OS, and if Linux, also what lsb
standard it conforms to.
The structure header contains the OS name and OS long name and will
always be included. If the structured data can be sent successfully the
short and long os names are not sent individually. If the VMX is an
older version and does not support the structured data RPC, then the
send in Tools will fail and can react accordingly.
Oliver Kurth [Wed, 29 Aug 2018 20:29:44 +0000 (13:29 -0700)]
Common source file change not directly applicable to open-vm-tools
Verify existence of the returned path, retry the guest OP
CreateTemporaryFileInGuest/CreateTemporaryDirectoryInGuest using system
temp folder if the path disappears.
Oliver Kurth [Wed, 29 Aug 2018 20:29:44 +0000 (13:29 -0700)]
Change for tools vmx logging. Added locking to handle race condition
and deadlocks.
While there, changing GStaticRecMutex to GRecMutex since
GStaticRecMutex is deprecated since glib 2.32, and we are now at
glib 2.48.
The requirement here is that on top of the existing logging mechanism,
toolsd also sends logs to VMX according to VMX side setting for toolsd
log levels. The existing logging mechanism shall be preserved so that
if there is a problem sending a message to VMX, that message is saved
in the guest according to whatever existing setting in tools.conf
either to a local file or the guest syslog. In addition, if there is
an issue sending VMX the log message, additional logs about the error
can also be logged using the existing tools.conf based log mechanism.
In order to support both the new and the old RPCs and the existing
tools.conf settings, it is best to use static globals for the vmx
logging. This simplifies both design and coding, and makes it easier
to reason about the state of the vmx guest logger.
There is also no need to split the new code into another file. The newly
added logic actually belongs to vmtoolsLog.c which keeps track of the
global states of the log processing and then invokes each external
log handler. The newly added code shall be invoked from the existing
vmtoolsLog.c framework code and also uses/updates multiple existing
vmtoolsLog.c data structure.
The old VMX LogHandler shall be left alone for now, since not all guest
apps will move to the new code at the same time. Once all apps have changed,
the old VMX LogHandler can be removed. Also removed is the stoplogging
code from the old VMX LogHandler since it is already covered by the
caller VMToolsLog() in vmtoolsLog.c
The global logging state is initialized as early as possible. However,
it should be done after the first VMTools_ConfigLogging() call so
that if there are any errors during the initialization, we can use
the local logging system to log them.
For a compatibility with older hosts and older tools, this change
tries to make sure the old vmx handler settings shall still WORK.
This is the most challenging part.
In order to avoid sending logs to VMX twice, if the VMX handler setting
is specified in the tools.conf, the local logger shall replace it
with the default file logging. However, the vmx handler setting is
NOT ignored, it shall be honored and used if the host is old and does
not support the new guest.log.* RPCs. There, we shall enter a fallback
mode and use the old log RPCs and the VMX handler's level setting is
read and used.
Need to call the setup() code in multiple places.
1) Initial start up (this is to enable it as early as possible).
2) Set option for a host designated level change.
3) RPC channel reset.
4) Tools config change processing from signal HUP or timer callback.
The setup code can use g_xxx() for logging, but the core log handler
VmxGuestLog() cannot, to avoid recursive g_xxx() calls. Instead,
it calls Debug()/Warning() suites just like RpcChannel code.
Before, the RpcChannel loggings are thrown away which is not good.
This change here fixed the issue by logging those using the internal
VMToolsLogInt() function which directly write to the file system logger.
This change also fixed a bug where the vmtoolsd domain logs are thrown
away at the beginning of the tools load up. Enabling those requires us
to add the username as part of the log file name, since both the vmsvc
and vmusr processes would use the same file vmware-vmtoolsd.log
which would cause a permission problem. The g_get_user_name only
returns the user without the domain. This might be a concern if
there is the same user id in both the local accounts and in the
domain. This rare case needs to be handled, but I am leaving it out
for now since it is very rare use case, and the same problem exists
already with the existing code.
Oliver Kurth [Wed, 29 Aug 2018 20:29:44 +0000 (13:29 -0700)]
Disable hgfsServer plugin when not running in a VMware VM.
VmCheck_GetVersion() accesses Backdoor in an unsafe manner
which is not expected to work on non-VMware environments
including physical machines. So, we need to make sure that
VmCheck_GetVersion() is called only when we are running in
a VMware VM.
Oliver Kurth [Wed, 29 Aug 2018 20:29:43 +0000 (13:29 -0700)]
Optional override for short and long OS names sent from Tools
Added support for customers to override the returned long and short OS
names through the tools config file. If the setting is present, then names
gathered by hostinfo will be ignored. The user is responsible for setting
the appropriate names.
The override will be ignored if the short-name setting is not present in
tools.conf.
An empty string will be sent for the long OS name if only the short-name
setting is present.
Appropriate warning msg will be generated in both cases.
Example of the conf setting:
[guestosinfo]
short-name = centos6-64
long-name = some long name
Linux:
guest.mem.total (/proc/meminfo#MemTotal)
guest.mem.buffers (/proc/meminfo#Buffers)
guest.mem.cached (/proc/meminfo#Cached)
guest.mem.slabReclaim (/proc/meminfo#SReclaimable)
guest.mem.available (/proc/meminfo#MemAvailable since Linux 3.14, emulated by VMTools for kernels 2.6.27+)
Oliver Kurth [Mon, 20 Aug 2018 19:48:09 +0000 (12:48 -0700)]
Log reply from VMX when powerOps plugin fails to send RPC.
The powerOps plugin sends a "tools.os.statechange.status" RPC after
the power scripts are executed. The reply from VMX for this RPC
is not currently logged. The reply is very useful to debug
'toolsRunningStatus' issues in FSR workflows. Modified the code
to log the reply.
Oliver Kurth [Mon, 20 Aug 2018 19:48:09 +0000 (12:48 -0700)]
Calculating monitor work area: No bar exists if seamless maximizing
In Ubuntu 18.04, Redhat 7.4, 7.5, the work area size could not be calculated
based on _NET_WM_STRUT or _NET_WM_STRUT_PARTIAL. These two properties could
not be retrieved through the window manager. In this fix, use _NET_WORKAREA to
get the work area, but this is only available with a single monitor.
Oliver Kurth [Mon, 20 Aug 2018 19:48:08 +0000 (12:48 -0700)]
Log reply from VMX when powerOps plugin fails to send RPC.
The powerOps plugin sends a "tools.os.statechange.status" RPC after
the power scripts are executed. The reply from VMX for this RPC is
not currently logged. The reply is very useful to debug 'toolsRunningStatus'
issues in FSR workflows. Modified the code to log the reply.